---
_id: '35426'
author:
- first_name: Cedric
full_name: Richter, Cedric
id: '50003'
last_name: Richter
- first_name: Jan Frederik
full_name: Haltermann, Jan Frederik
id: '44413'
last_name: Haltermann
- first_name: Marie-Christine
full_name: Jakobs, Marie-Christine
last_name: Jakobs
- first_name: Felix
full_name: Pauck, Felix
id: '22398'
last_name: Pauck
- first_name: Stefan
full_name: Schott, Stefan
id: '54847'
last_name: Schott
- first_name: Heike
full_name: Wehrheim, Heike
id: '573'
last_name: Wehrheim
citation:
ama: 'Richter C, Haltermann JF, Jakobs M-C, Pauck F, Schott S, Wehrheim H. Are Neural
Bug Detectors Comparable to Software Developers on Variable Misuse Bugs? In: 37th
IEEE/ACM International Conference on Automated Software Engineering. ACM;
2023. doi:10.1145/3551349.3561156'
apa: Richter, C., Haltermann, J. F., Jakobs, M.-C., Pauck, F., Schott, S., &
Wehrheim, H. (2023). Are Neural Bug Detectors Comparable to Software Developers
on Variable Misuse Bugs? 37th IEEE/ACM International Conference on Automated
Software Engineering. https://doi.org/10.1145/3551349.3561156
bibtex: '@inproceedings{Richter_Haltermann_Jakobs_Pauck_Schott_Wehrheim_2023, title={Are
Neural Bug Detectors Comparable to Software Developers on Variable Misuse Bugs?},
DOI={10.1145/3551349.3561156},
booktitle={37th IEEE/ACM International Conference on Automated Software Engineering},
publisher={ACM}, author={Richter, Cedric and Haltermann, Jan Frederik and Jakobs,
Marie-Christine and Pauck, Felix and Schott, Stefan and Wehrheim, Heike}, year={2023}
}'
chicago: Richter, Cedric, Jan Frederik Haltermann, Marie-Christine Jakobs, Felix
Pauck, Stefan Schott, and Heike Wehrheim. “Are Neural Bug Detectors Comparable
to Software Developers on Variable Misuse Bugs?” In 37th IEEE/ACM International
Conference on Automated Software Engineering. ACM, 2023. https://doi.org/10.1145/3551349.3561156.
ieee: 'C. Richter, J. F. Haltermann, M.-C. Jakobs, F. Pauck, S. Schott, and H. Wehrheim,
“Are Neural Bug Detectors Comparable to Software Developers on Variable Misuse
Bugs?,” 2023, doi: 10.1145/3551349.3561156.'
mla: Richter, Cedric, et al. “Are Neural Bug Detectors Comparable to Software Developers
on Variable Misuse Bugs?” 37th IEEE/ACM International Conference on Automated
Software Engineering, ACM, 2023, doi:10.1145/3551349.3561156.
short: 'C. Richter, J.F. Haltermann, M.-C. Jakobs, F. Pauck, S. Schott, H. Wehrheim,
in: 37th IEEE/ACM International Conference on Automated Software Engineering,
ACM, 2023.'
date_created: 2023-01-09T06:28:44Z
date_updated: 2023-01-19T13:50:18Z
department:
- _id: '77'
doi: 10.1145/3551349.3561156
language:
- iso: eng
main_file_link:
- open_access: '1'
url: https://doi.org/10.1145/3551349.3561156
oa: '1'
project:
- _id: '3'
name: 'SFB 901 - B: SFB 901 - Project Area B'
- _id: '12'
name: 'SFB 901 - B4: SFB 901 - Subproject B4'
- _id: '1'
name: 'SFB 901: SFB 901'
publication: 37th IEEE/ACM International Conference on Automated Software Engineering
publication_status: published
publisher: ACM
status: public
title: Are Neural Bug Detectors Comparable to Software Developers on Variable Misuse
Bugs?
type: conference
user_id: '477'
year: '2023'
...
---
_id: '36848'
author:
- first_name: Stefan
full_name: Schott, Stefan
id: '54847'
last_name: Schott
- first_name: Felix
full_name: Pauck, Felix
id: '22398'
last_name: Pauck
citation:
ama: 'Schott S, Pauck F. Benchmark Fuzzing for Android Taint Analyses. In: 2022
IEEE 22nd International Working Conference on Source Code Analysis and Manipulation
(SCAM). IEEE; 2023. doi:10.1109/scam55253.2022.00007'
apa: Schott, S., & Pauck, F. (2023). Benchmark Fuzzing for Android Taint Analyses.
2022 IEEE 22nd International Working Conference on Source Code Analysis and
Manipulation (SCAM). https://doi.org/10.1109/scam55253.2022.00007
bibtex: '@inproceedings{Schott_Pauck_2023, title={Benchmark Fuzzing for Android
Taint Analyses}, DOI={10.1109/scam55253.2022.00007},
booktitle={2022 IEEE 22nd International Working Conference on Source Code Analysis
and Manipulation (SCAM)}, publisher={IEEE}, author={Schott, Stefan and Pauck,
Felix}, year={2023} }'
chicago: Schott, Stefan, and Felix Pauck. “Benchmark Fuzzing for Android Taint Analyses.”
In 2022 IEEE 22nd International Working Conference on Source Code Analysis
and Manipulation (SCAM). IEEE, 2023. https://doi.org/10.1109/scam55253.2022.00007.
ieee: 'S. Schott and F. Pauck, “Benchmark Fuzzing for Android Taint Analyses,” 2023,
doi: 10.1109/scam55253.2022.00007.'
mla: Schott, Stefan, and Felix Pauck. “Benchmark Fuzzing for Android Taint Analyses.”
2022 IEEE 22nd International Working Conference on Source Code Analysis and
Manipulation (SCAM), IEEE, 2023, doi:10.1109/scam55253.2022.00007.
short: 'S. Schott, F. Pauck, in: 2022 IEEE 22nd International Working Conference
on Source Code Analysis and Manipulation (SCAM), IEEE, 2023.'
date_created: 2023-01-16T07:17:12Z
date_updated: 2023-01-19T13:49:06Z
department:
- _id: '77'
doi: 10.1109/scam55253.2022.00007
language:
- iso: eng
main_file_link:
- url: https://ieeexplore.ieee.org/document/10006876
project:
- _id: '107'
name: 'SFB 901 - T3: SFB 901 -Subproject T3'
- _id: '82'
name: 'SFB 901 - T: SFB 901 - Project Area T'
- _id: '1'
name: 'SFB 901: SFB 901'
publication: 2022 IEEE 22nd International Working Conference on Source Code Analysis
and Manipulation (SCAM)
publication_status: published
publisher: IEEE
status: public
title: Benchmark Fuzzing for Android Taint Analyses
type: conference
user_id: '477'
year: '2023'
...
---
_id: '35427'
author:
- first_name: Felix
full_name: Pauck, Felix
id: '22398'
last_name: Pauck
citation:
ama: 'Pauck F. Scaling Arbitrary Android App Analyses. In: 37th IEEE/ACM International
Conference on Automated Software Engineering. ACM; 2023. doi:10.1145/3551349.3561339'
apa: Pauck, F. (2023). Scaling Arbitrary Android App Analyses. 37th IEEE/ACM
International Conference on Automated Software Engineering. https://doi.org/10.1145/3551349.3561339
bibtex: '@inproceedings{Pauck_2023, title={Scaling Arbitrary Android App Analyses},
DOI={10.1145/3551349.3561339},
booktitle={37th IEEE/ACM International Conference on Automated Software Engineering},
publisher={ACM}, author={Pauck, Felix}, year={2023} }'
chicago: Pauck, Felix. “Scaling Arbitrary Android App Analyses.” In 37th IEEE/ACM
International Conference on Automated Software Engineering. ACM, 2023. https://doi.org/10.1145/3551349.3561339.
ieee: 'F. Pauck, “Scaling Arbitrary Android App Analyses,” 2023, doi: 10.1145/3551349.3561339.'
mla: Pauck, Felix. “Scaling Arbitrary Android App Analyses.” 37th IEEE/ACM International
Conference on Automated Software Engineering, ACM, 2023, doi:10.1145/3551349.3561339.
short: 'F. Pauck, in: 37th IEEE/ACM International Conference on Automated Software
Engineering, ACM, 2023.'
date_created: 2023-01-09T06:32:33Z
date_updated: 2023-01-19T13:49:52Z
department:
- _id: '77'
doi: 10.1145/3551349.3561339
language:
- iso: eng
main_file_link:
- open_access: '1'
url: https://doi.org/10.1145/3551349.3561339
oa: '1'
project:
- _id: '1'
name: 'SFB 901: SFB 901'
- _id: '3'
name: 'SFB 901 - B: SFB 901 - Project Area B'
- _id: '12'
name: 'SFB 901 - B4: SFB 901 - Subproject B4'
publication: 37th IEEE/ACM International Conference on Automated Software Engineering
publication_status: published
publisher: ACM
status: public
title: Scaling Arbitrary Android App Analyses
type: conference
user_id: '477'
year: '2023'
...
---
_id: '43108'
author:
- first_name: Felix
full_name: Pauck, Felix
id: '22398'
last_name: Pauck
citation:
ama: Pauck F. Cooperative Android App Analysis. Paderborn University; 2023.
doi:10.17619/UNIPB/1-1698
apa: Pauck, F. (2023). Cooperative Android App Analysis. Paderborn University.
https://doi.org/10.17619/UNIPB/1-1698
bibtex: '@book{Pauck_2023, title={Cooperative Android App Analysis}, DOI={10.17619/UNIPB/1-1698},
publisher={Paderborn University}, author={Pauck, Felix}, year={2023} }'
chicago: Pauck, Felix. Cooperative Android App Analysis. Paderborn University,
2023. https://doi.org/10.17619/UNIPB/1-1698.
ieee: F. Pauck, Cooperative Android App Analysis. Paderborn University, 2023.
mla: Pauck, Felix. Cooperative Android App Analysis. Paderborn University,
2023, doi:10.17619/UNIPB/1-1698.
short: F. Pauck, Cooperative Android App Analysis, Paderborn University, 2023.
date_created: 2023-03-27T07:39:35Z
date_updated: 2023-05-22T04:57:42Z
department:
- _id: '77'
doi: 10.17619/UNIPB/1-1698
language:
- iso: eng
project:
- _id: '1'
name: 'SFB 901: SFB 901'
- _id: '3'
name: 'SFB 901 - B: SFB 901 - Project Area B'
- _id: '12'
name: 'SFB 901 - B4: SFB 901 - Subproject B4'
publisher: Paderborn University
status: public
supervisor:
- first_name: Heike
full_name: Wehrheim, Heike
id: '573'
last_name: Wehrheim
title: Cooperative Android App Analysis
type: dissertation
user_id: '22398'
year: '2023'
...
---
_id: '45888'
author:
- first_name: Heike
full_name: Wehrheim, Heike
id: '573'
last_name: Wehrheim
- first_name: Marco
full_name: Platzner, Marco
id: '398'
last_name: Platzner
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
- first_name: 'Philipp '
full_name: 'Schubert, Philipp '
last_name: Schubert
- first_name: Felix
full_name: Pauck, Felix
id: '22398'
last_name: Pauck
- first_name: Marie-Christine
full_name: Jakobs, Marie-Christine
last_name: Jakobs
citation:
ama: 'Wehrheim H, Platzner M, Bodden E, Schubert P, Pauck F, Jakobs M-C. Verifying
Software and Reconfigurable Hardware Services. In: Haake C-J, Meyer auf der Heide
F, Platzner M, Wachsmuth H, Wehrheim H, eds. On-The-Fly Computing -- Individualized
IT-Services in Dynamic Markets. Vol 412. Verlagsschriftenreihe des Heinz Nixdorf
Instituts. Heinz Nixdorf Institut, Universität Paderborn; 2023:125-144. doi:10.5281/zenodo.8068583'
apa: Wehrheim, H., Platzner, M., Bodden, E., Schubert, P., Pauck, F., & Jakobs,
M.-C. (2023). Verifying Software and Reconfigurable Hardware Services. In C.-J.
Haake, F. Meyer auf der Heide, M. Platzner, H. Wachsmuth, & H. Wehrheim (Eds.),
On-The-Fly Computing -- Individualized IT-services in dynamic markets (Vol.
412, pp. 125–144). Heinz Nixdorf Institut, Universität Paderborn. https://doi.org/10.5281/zenodo.8068583
bibtex: '@inbook{Wehrheim_Platzner_Bodden_Schubert_Pauck_Jakobs_2023, place={Paderborn},
series={Verlagsschriftenreihe des Heinz Nixdorf Instituts}, title={Verifying Software
and Reconfigurable Hardware Services}, volume={412}, DOI={10.5281/zenodo.8068583},
booktitle={On-The-Fly Computing -- Individualized IT-services in dynamic markets},
publisher={Heinz Nixdorf Institut, Universität Paderborn}, author={Wehrheim, Heike
and Platzner, Marco and Bodden, Eric and Schubert, Philipp and Pauck, Felix and
Jakobs, Marie-Christine}, editor={Haake, Claus-Jochen and Meyer auf der Heide,
Friedhelm and Platzner, Marco and Wachsmuth, Henning and Wehrheim, Heike}, year={2023},
pages={125–144}, collection={Verlagsschriftenreihe des Heinz Nixdorf Instituts}
}'
chicago: 'Wehrheim, Heike, Marco Platzner, Eric Bodden, Philipp Schubert, Felix
Pauck, and Marie-Christine Jakobs. “Verifying Software and Reconfigurable Hardware
Services.” In On-The-Fly Computing -- Individualized IT-Services in Dynamic
Markets, edited by Claus-Jochen Haake, Friedhelm Meyer auf der Heide, Marco
Platzner, Henning Wachsmuth, and Heike Wehrheim, 412:125–44. Verlagsschriftenreihe
Des Heinz Nixdorf Instituts. Paderborn: Heinz Nixdorf Institut, Universität Paderborn,
2023. https://doi.org/10.5281/zenodo.8068583.'
ieee: 'H. Wehrheim, M. Platzner, E. Bodden, P. Schubert, F. Pauck, and M.-C. Jakobs,
“Verifying Software and Reconfigurable Hardware Services,” in On-The-Fly Computing
-- Individualized IT-services in dynamic markets, vol. 412, C.-J. Haake, F.
Meyer auf der Heide, M. Platzner, H. Wachsmuth, and H. Wehrheim, Eds. Paderborn:
Heinz Nixdorf Institut, Universität Paderborn, 2023, pp. 125–144.'
mla: Wehrheim, Heike, et al. “Verifying Software and Reconfigurable Hardware Services.”
On-The-Fly Computing -- Individualized IT-Services in Dynamic Markets,
edited by Claus-Jochen Haake et al., vol. 412, Heinz Nixdorf Institut, Universität
Paderborn, 2023, pp. 125–44, doi:10.5281/zenodo.8068583.
short: 'H. Wehrheim, M. Platzner, E. Bodden, P. Schubert, F. Pauck, M.-C. Jakobs,
in: C.-J. Haake, F. Meyer auf der Heide, M. Platzner, H. Wachsmuth, H. Wehrheim
(Eds.), On-The-Fly Computing -- Individualized IT-Services in Dynamic Markets,
Heinz Nixdorf Institut, Universität Paderborn, Paderborn, 2023, pp. 125–144.'
date_created: 2023-07-07T08:01:23Z
date_updated: 2023-07-07T11:18:59Z
ddc:
- '004'
department:
- _id: '7'
doi: 10.5281/zenodo.8068583
editor:
- first_name: Claus-Jochen
full_name: Haake, Claus-Jochen
last_name: Haake
- first_name: Friedhelm
full_name: Meyer auf der Heide, Friedhelm
last_name: Meyer auf der Heide
- first_name: Marco
full_name: Platzner, Marco
last_name: Platzner
- first_name: Henning
full_name: Wachsmuth, Henning
last_name: Wachsmuth
- first_name: Heike
full_name: Wehrheim, Heike
last_name: Wehrheim
file:
- access_level: open_access
content_type: application/pdf
creator: florida
date_created: 2023-07-07T08:01:12Z
date_updated: 2023-07-07T11:18:59Z
file_id: '45889'
file_name: B4-Chapter-SFB-Buch-Final.pdf
file_size: 840964
relation: main_file
file_date_updated: 2023-07-07T11:18:59Z
has_accepted_license: '1'
intvolume: ' 412'
language:
- iso: eng
oa: '1'
page: 125-144
place: Paderborn
project:
- _id: '1'
grant_number: '160364472'
name: 'SFB 901: SFB 901: On-The-Fly Computing - Individualisierte IT-Dienstleistungen
in dynamischen Märkten '
- _id: '3'
name: 'SFB 901 - B: SFB 901 - Project Area B'
- _id: '12'
name: 'SFB 901 - B4: SFB 901 - Subproject B4'
publication: On-The-Fly Computing -- Individualized IT-services in dynamic markets
publisher: Heinz Nixdorf Institut, Universität Paderborn
series_title: Verlagsschriftenreihe des Heinz Nixdorf Instituts
status: public
title: Verifying Software and Reconfigurable Hardware Services
type: book_chapter
user_id: '477'
volume: 412
year: '2023'
...
---
_id: '27045'
abstract:
- lang: eng
text: 'Due to the lack of established real-world benchmark suites for static taint
analyses of Android applications, evaluations of these analyses are often restricted
and hard to compare. Even in evaluations that do use real-world apps, details
about the ground truth in those apps are rarely documented, which makes it difficult
to compare and reproduce the results. To push Android taint analysis research
forward, this paper thus recommends criteria for constructing real-world benchmark
suites for this specific domain, and presents TaintBench, the first real-world
malware benchmark suite with documented taint flows. TaintBench benchmark apps
include taint flows with complex structures, and addresses static challenges that
are commonly agreed on by the community. Together with the TaintBench suite, we
introduce the TaintBench framework, whose goal is to simplify real-world benchmarking
of Android taint analyses. First, a usability test shows that the framework improves
experts’ performance and perceived usability when documenting and inspecting taint
flows. Second, experiments using TaintBench reveal new insights for the taint
analysis tools Amandroid and FlowDroid: (i) They are less effective on real-world
malware apps than on synthetic benchmark apps. (ii) Predefined lists of sources
and sinks heavily impact the tools’ accuracy. (iii) Surprisingly, up-to-date versions
of both tools are less accurate than their predecessors.'
author:
- first_name: Linghui
full_name: Luo, Linghui
last_name: Luo
- first_name: Felix
full_name: Pauck, Felix
id: '22398'
last_name: Pauck
- first_name: Goran
full_name: Piskachev, Goran
id: '41936'
last_name: Piskachev
orcid: 0000-0003-4424-5838
- first_name: Manuel
full_name: Benz, Manuel
last_name: Benz
- first_name: Ivan
full_name: Pashchenko, Ivan
last_name: Pashchenko
- first_name: Martin
full_name: Mory, Martin
id: '65667'
last_name: Mory
orcid: 0000-0001-5609-0031
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
- first_name: Ben
full_name: Hermann, Ben
id: '66173'
last_name: Hermann
orcid: 0000-0001-9848-2017
- first_name: Fabio
full_name: Massacci, Fabio
last_name: Massacci
citation:
ama: 'Luo L, Pauck F, Piskachev G, et al. TaintBench: Automatic real-world malware
benchmarking of Android taint analyses. Empirical Software Engineering.
Published online 2021. doi:10.1007/s10664-021-10013-5'
apa: 'Luo, L., Pauck, F., Piskachev, G., Benz, M., Pashchenko, I., Mory, M., Bodden,
E., Hermann, B., & Massacci, F. (2021). TaintBench: Automatic real-world malware
benchmarking of Android taint analyses. Empirical Software Engineering.
https://doi.org/10.1007/s10664-021-10013-5'
bibtex: '@article{Luo_Pauck_Piskachev_Benz_Pashchenko_Mory_Bodden_Hermann_Massacci_2021,
title={TaintBench: Automatic real-world malware benchmarking of Android taint
analyses}, DOI={10.1007/s10664-021-10013-5},
journal={Empirical Software Engineering}, author={Luo, Linghui and Pauck, Felix
and Piskachev, Goran and Benz, Manuel and Pashchenko, Ivan and Mory, Martin and
Bodden, Eric and Hermann, Ben and Massacci, Fabio}, year={2021} }'
chicago: 'Luo, Linghui, Felix Pauck, Goran Piskachev, Manuel Benz, Ivan Pashchenko,
Martin Mory, Eric Bodden, Ben Hermann, and Fabio Massacci. “TaintBench: Automatic
Real-World Malware Benchmarking of Android Taint Analyses.” Empirical Software
Engineering, 2021. https://doi.org/10.1007/s10664-021-10013-5.'
ieee: 'L. Luo et al., “TaintBench: Automatic real-world malware benchmarking
of Android taint analyses,” Empirical Software Engineering, 2021, doi:
10.1007/s10664-021-10013-5.'
mla: 'Luo, Linghui, et al. “TaintBench: Automatic Real-World Malware Benchmarking
of Android Taint Analyses.” Empirical Software Engineering, 2021, doi:10.1007/s10664-021-10013-5.'
short: L. Luo, F. Pauck, G. Piskachev, M. Benz, I. Pashchenko, M. Mory, E. Bodden,
B. Hermann, F. Massacci, Empirical Software Engineering (2021).
date_created: 2021-11-02T05:13:49Z
date_updated: 2022-01-06T06:57:32Z
ddc:
- '000'
department:
- _id: '77'
- _id: '76'
doi: 10.1007/s10664-021-10013-5
language:
- iso: eng
main_file_link:
- open_access: '1'
url: https://link.springer.com/content/pdf/10.1007/s10664-021-10013-5.pdf
oa: '1'
project:
- _id: '1'
name: SFB 901
- _id: '3'
name: SFB 901 - Project Area B
- _id: '12'
name: SFB 901 - Subproject B4
publication: Empirical Software Engineering
publication_identifier:
issn:
- 1382-3256
- 1573-7616
publication_status: published
status: public
title: 'TaintBench: Automatic real-world malware benchmarking of Android taint analyses'
type: journal_article
user_id: '15249'
year: '2021'
...
---
_id: '28199'
author:
- first_name: Felix
full_name: Pauck, Felix
id: '22398'
last_name: Pauck
- first_name: Heike
full_name: Wehrheim, Heike
id: '573'
last_name: Wehrheim
citation:
ama: 'Pauck F, Wehrheim H. Jicer: Simplifying Cooperative Android App Analysis Tasks.
In: 2021 IEEE 21st International Working Conference on Source Code Analysis
and Manipulation (SCAM). ; 2021. doi:10.1109/scam52516.2021.00031'
apa: 'Pauck, F., & Wehrheim, H. (2021). Jicer: Simplifying Cooperative Android
App Analysis Tasks. 2021 IEEE 21st International Working Conference on Source
Code Analysis and Manipulation (SCAM). https://doi.org/10.1109/scam52516.2021.00031'
bibtex: '@inproceedings{Pauck_Wehrheim_2021, title={Jicer: Simplifying Cooperative
Android App Analysis Tasks}, DOI={10.1109/scam52516.2021.00031},
booktitle={2021 IEEE 21st International Working Conference on Source Code Analysis
and Manipulation (SCAM)}, author={Pauck, Felix and Wehrheim, Heike}, year={2021}
}'
chicago: 'Pauck, Felix, and Heike Wehrheim. “Jicer: Simplifying Cooperative Android
App Analysis Tasks.” In 2021 IEEE 21st International Working Conference on
Source Code Analysis and Manipulation (SCAM), 2021. https://doi.org/10.1109/scam52516.2021.00031.'
ieee: 'F. Pauck and H. Wehrheim, “Jicer: Simplifying Cooperative Android App Analysis
Tasks,” 2021, doi: 10.1109/scam52516.2021.00031.'
mla: 'Pauck, Felix, and Heike Wehrheim. “Jicer: Simplifying Cooperative Android
App Analysis Tasks.” 2021 IEEE 21st International Working Conference on Source
Code Analysis and Manipulation (SCAM), 2021, doi:10.1109/scam52516.2021.00031.'
short: 'F. Pauck, H. Wehrheim, in: 2021 IEEE 21st International Working Conference
on Source Code Analysis and Manipulation (SCAM), 2021.'
date_created: 2021-12-01T08:53:29Z
date_updated: 2022-11-17T14:26:19Z
department:
- _id: '77'
doi: 10.1109/scam52516.2021.00031
language:
- iso: eng
project:
- _id: '12'
name: SFB 901 - Subproject B4
- _id: '1'
name: 'SFB 901: SFB 901'
- _id: '3'
name: 'SFB 901 - B: SFB 901 - Project Area B'
publication: 2021 IEEE 21st International Working Conference on Source Code Analysis
and Manipulation (SCAM)
publication_status: published
status: public
title: 'Jicer: Simplifying Cooperative Android App Analysis Tasks'
type: conference
user_id: '477'
year: '2021'
...
---
_id: '27841'
abstract:
- lang: eng
text: Verification of software and processor hardware usually proceeds separately,
software analysis relying on the correctness of processors executing machine instructions.
This assumption is valid as long as the software runs on standard CPUs that have
been extensively validated and are in wide use. However, for processors exploiting
custom instruction set extensions to meet performance and energy constraints the
validation might be less extensive, challenging the correctness assumption. In
this paper we present a novel formal approach for hardware/software co-verification
targeting processors with custom instruction set extensions. We detail two different
approaches for checking whether the hardware fulfills the requirements expected
by the software analysis. The approaches are designed to explore a trade-off between
generality of the verification and computational effort. Then, we describe the
integration of software and hardware analyses for both techniques and describe
a fully automated tool chain implementing the approaches. Finally, we demonstrate
and compare the two approaches on example source code with custom instructions,
using state-of-the-art software analysis and hardware verification techniques.
author:
- first_name: Marie-Christine
full_name: Jakobs, Marie-Christine
last_name: Jakobs
- first_name: Felix
full_name: Pauck, Felix
id: '22398'
last_name: Pauck
- first_name: Marco
full_name: Platzner, Marco
id: '398'
last_name: Platzner
- first_name: Heike
full_name: Wehrheim, Heike
id: '573'
last_name: Wehrheim
- first_name: Tobias
full_name: Wiersema, Tobias
id: '3118'
last_name: Wiersema
citation:
ama: Jakobs M-C, Pauck F, Platzner M, Wehrheim H, Wiersema T. Software/Hardware
Co-Verification for Custom Instruction Set Processors. IEEE Access. Published
online 2021. doi:10.1109/ACCESS.2021.3131213
apa: Jakobs, M.-C., Pauck, F., Platzner, M., Wehrheim, H., & Wiersema, T. (2021).
Software/Hardware Co-Verification for Custom Instruction Set Processors. IEEE
Access. https://doi.org/10.1109/ACCESS.2021.3131213
bibtex: '@article{Jakobs_Pauck_Platzner_Wehrheim_Wiersema_2021, title={Software/Hardware
Co-Verification for Custom Instruction Set Processors}, DOI={10.1109/ACCESS.2021.3131213},
journal={IEEE Access}, publisher={IEEE}, author={Jakobs, Marie-Christine and Pauck,
Felix and Platzner, Marco and Wehrheim, Heike and Wiersema, Tobias}, year={2021}
}'
chicago: Jakobs, Marie-Christine, Felix Pauck, Marco Platzner, Heike Wehrheim, and
Tobias Wiersema. “Software/Hardware Co-Verification for Custom Instruction Set
Processors.” IEEE Access, 2021. https://doi.org/10.1109/ACCESS.2021.3131213.
ieee: 'M.-C. Jakobs, F. Pauck, M. Platzner, H. Wehrheim, and T. Wiersema, “Software/Hardware
Co-Verification for Custom Instruction Set Processors,” IEEE Access, 2021,
doi: 10.1109/ACCESS.2021.3131213.'
mla: Jakobs, Marie-Christine, et al. “Software/Hardware Co-Verification for Custom
Instruction Set Processors.” IEEE Access, IEEE, 2021, doi:10.1109/ACCESS.2021.3131213.
short: M.-C. Jakobs, F. Pauck, M. Platzner, H. Wehrheim, T. Wiersema, IEEE Access
(2021).
date_created: 2021-11-25T14:12:22Z
date_updated: 2023-01-18T08:34:50Z
department:
- _id: '78'
doi: 10.1109/ACCESS.2021.3131213
funded_apc: '1'
keyword:
- Software Analysis
- Abstract Interpretation
- Custom Instruction
- Hardware Verification
language:
- iso: eng
project:
- _id: '1'
name: SFB 901
- _id: '3'
name: SFB 901 - Project Area B
- _id: '12'
name: SFB 901 - Subproject B4
publication: IEEE Access
publication_status: published
publisher: IEEE
quality_controlled: '1'
status: public
title: Software/Hardware Co-Verification for Custom Instruction Set Processors
type: journal_article
user_id: '22398'
year: '2021'
...
---
_id: '21238'
author:
- first_name: Felix
full_name: Pauck, Felix
id: '22398'
last_name: Pauck
- first_name: Heike
full_name: Wehrheim, Heike
id: '573'
last_name: Wehrheim
citation:
ama: 'Pauck F, Wehrheim H. Cooperative Android App Analysis with CoDiDroid. In:
Koziolek A, Schaefer I, Seidl C, eds. Software Engineering 2021. Gesellschaft
für Informatik e.V.; 2021:83-84. doi:10.18420/SE2021_30 '
apa: Pauck, F., & Wehrheim, H. (2021). Cooperative Android App Analysis with
CoDiDroid. In A. Koziolek, I. Schaefer, & C. Seidl (Eds.), Software Engineering
2021 (pp. 83–84). Gesellschaft für Informatik e.V. https://doi.org/10.18420/SE2021_30
bibtex: '@inproceedings{Pauck_Wehrheim_2021, place={Bonn}, title={Cooperative Android
App Analysis with CoDiDroid}, DOI={10.18420/SE2021_30 }, booktitle={Software Engineering 2021}, publisher={Gesellschaft
für Informatik e.V.}, author={Pauck, Felix and Wehrheim, Heike}, editor={Koziolek,
Anne and Schaefer, Ina and Seidl, Christoph}, year={2021}, pages={83–84} }'
chicago: 'Pauck, Felix, and Heike Wehrheim. “Cooperative Android App Analysis with
CoDiDroid.” In Software Engineering 2021, edited by Anne Koziolek, Ina
Schaefer, and Christoph Seidl, 83–84. Bonn: Gesellschaft für Informatik e.V.,
2021. https://doi.org/10.18420/SE2021_30
.'
ieee: 'F. Pauck and H. Wehrheim, “Cooperative Android App Analysis with CoDiDroid,”
in Software Engineering 2021, 2021, pp. 83–84, doi: 10.18420/SE2021_30 .'
mla: Pauck, Felix, and Heike Wehrheim. “Cooperative Android App Analysis with CoDiDroid.”
Software Engineering 2021, edited by Anne Koziolek et al., Gesellschaft
für Informatik e.V., 2021, pp. 83–84, doi:10.18420/SE2021_30 .
short: 'F. Pauck, H. Wehrheim, in: A. Koziolek, I. Schaefer, C. Seidl (Eds.), Software
Engineering 2021, Gesellschaft für Informatik e.V., Bonn, 2021, pp. 83–84.'
date_created: 2021-02-16T09:28:49Z
date_updated: 2023-01-18T08:35:20Z
department:
- _id: '77'
doi: '10.18420/SE2021_30 '
editor:
- first_name: Anne
full_name: Koziolek, Anne
last_name: Koziolek
- first_name: Ina
full_name: Schaefer, Ina
last_name: Schaefer
- first_name: Christoph
full_name: Seidl, Christoph
last_name: Seidl
language:
- iso: eng
page: ' 83-84 '
place: Bonn
project:
- _id: '1'
name: SFB 901
- _id: '3'
name: SFB 901 - Project Area B
- _id: '12'
name: SFB 901 - Subproject B4
publication: Software Engineering 2021
publication_status: published
publisher: Gesellschaft für Informatik e.V.
status: public
title: Cooperative Android App Analysis with CoDiDroid
type: conference
user_id: '22398'
year: '2021'
...
---
_id: '16214'
author:
- first_name: Felix
full_name: Pauck, Felix
id: '22398'
last_name: Pauck
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
- first_name: Heike
full_name: Wehrheim, Heike
id: '573'
last_name: Wehrheim
citation:
ama: 'Pauck F, Bodden E, Wehrheim H. Reproducing Taint-Analysis Results with ReproDroid.
In: Felderer M, Hasselbring W, Rabiser R, Jung R, eds. Software Engineering
2020, Fachtagung Des GI-Fachbereichs Softwaretechnik, 24.-28. Februar 2020, Innsbruck,
Austria. {LNI}. Gesellschaft f{\"{u}}r Informatik e.V.; 2020:123-124. doi:10.18420/SE2020_36'
apa: Pauck, F., Bodden, E., & Wehrheim, H. (2020). Reproducing Taint-Analysis
Results with ReproDroid. In M. Felderer, W. Hasselbring, R. Rabiser, & R.
Jung (Eds.), Software Engineering 2020, Fachtagung des GI-Fachbereichs Softwaretechnik,
24.-28. Februar 2020, Innsbruck, Austria (pp. 123–124). Gesellschaft f{\"{u}}r
Informatik e.V. https://doi.org/10.18420/SE2020_36
bibtex: '@inproceedings{Pauck_Bodden_Wehrheim_2020, series={{LNI}}, title={Reproducing
Taint-Analysis Results with ReproDroid}, DOI={10.18420/SE2020_36},
booktitle={Software Engineering 2020, Fachtagung des GI-Fachbereichs Softwaretechnik,
24.-28. Februar 2020, Innsbruck, Austria}, publisher={Gesellschaft f{\"{u}}r Informatik
e.V.}, author={Pauck, Felix and Bodden, Eric and Wehrheim, Heike}, editor={Felderer,
Michael and Hasselbring, Wilhelm and Rabiser, Rick and Jung, Reiner}, year={2020},
pages={123–124}, collection={{LNI}} }'
chicago: Pauck, Felix, Eric Bodden, and Heike Wehrheim. “Reproducing Taint-Analysis
Results with ReproDroid.” In Software Engineering 2020, Fachtagung Des GI-Fachbereichs
Softwaretechnik, 24.-28. Februar 2020, Innsbruck, Austria, edited by Michael
Felderer, Wilhelm Hasselbring, Rick Rabiser, and Reiner Jung, 123–24. {LNI}. Gesellschaft
f{\"{u}}r Informatik e.V., 2020. https://doi.org/10.18420/SE2020_36.
ieee: 'F. Pauck, E. Bodden, and H. Wehrheim, “Reproducing Taint-Analysis Results
with ReproDroid,” in Software Engineering 2020, Fachtagung des GI-Fachbereichs
Softwaretechnik, 24.-28. Februar 2020, Innsbruck, Austria, 2020, pp. 123–124,
doi: 10.18420/SE2020_36.'
mla: Pauck, Felix, et al. “Reproducing Taint-Analysis Results with ReproDroid.”
Software Engineering 2020, Fachtagung Des GI-Fachbereichs Softwaretechnik,
24.-28. Februar 2020, Innsbruck, Austria, edited by Michael Felderer et al.,
Gesellschaft f{\"{u}}r Informatik e.V., 2020, pp. 123–24, doi:10.18420/SE2020_36.
short: 'F. Pauck, E. Bodden, H. Wehrheim, in: M. Felderer, W. Hasselbring, R. Rabiser,
R. Jung (Eds.), Software Engineering 2020, Fachtagung Des GI-Fachbereichs Softwaretechnik,
24.-28. Februar 2020, Innsbruck, Austria, Gesellschaft f{\"{u}}r Informatik e.V.,
2020, pp. 123–124.'
date_created: 2020-03-03T08:10:33Z
date_updated: 2023-01-18T08:39:53Z
department:
- _id: '34'
- _id: '77'
doi: 10.18420/SE2020_36
editor:
- first_name: Michael
full_name: Felderer, Michael
last_name: Felderer
- first_name: Wilhelm
full_name: Hasselbring, Wilhelm
last_name: Hasselbring
- first_name: Rick
full_name: Rabiser, Rick
last_name: Rabiser
- first_name: Reiner
full_name: Jung, Reiner
last_name: Jung
language:
- iso: eng
page: 123-124
publication: Software Engineering 2020, Fachtagung des GI-Fachbereichs Softwaretechnik,
24.-28. Februar 2020, Innsbruck, Austria
publication_status: published
publisher: Gesellschaft f{\"{u}}r Informatik e.V.
series_title: '{LNI}'
status: public
title: Reproducing Taint-Analysis Results with ReproDroid
type: conference
user_id: '22398'
year: '2020'
...
---
_id: '15838'
abstract:
- lang: eng
text: In the field of software analysis a trade-off between scalability and accuracy
always exists. In this respect, Android app analysis is no exception, in particular,
analyzing large or many apps can be challenging. Dealing with many small apps
is a typical challenge when facing micro-benchmarks such as DROIDBENCH or ICC-BENCH.
These particular benchmarks are not only used for the evaluation of novel tools
but also in continuous integration pipelines of existing mature tools to maintain
and guarantee a certain quality-level. Considering this latter usage it becomes
very important to be able to achieve benchmark results as fast as possible. Hence,
benchmarks have to be optimized for this purpose. One approach to do so is app
merging. We implemented the Android Merge Tool (AMT) following this approach and
show that its novel aspects can be used to produce scaled up and accurate benchmarks.
For such benchmarks Android app analysis tools do not suffer from the scalability-accuracy
trade-off anymore. We show this throughout detailed experiments on DROIDBENCH
employing three different analysis tools (AMANDROID, ICCTA, FLOWDROID). Benchmark
execution times are largely reduced without losing benchmark accuracy. Moreover,
we argue why AMT is an advantageous successor of the state-of-the-art app merging
tool (APKCOMBINER) in analysis lift-up scenarios.
author:
- first_name: Felix
full_name: Pauck, Felix
id: '22398'
last_name: Pauck
- first_name: Shikun
full_name: Zhang, Shikun
last_name: Zhang
citation:
ama: 'Pauck F, Zhang S. Android App Merging for Benchmark Speed-Up and Analysis
Lift-Up. In: 2019 34th IEEE/ACM International Conference on Automated Software
Engineering Workshop (ASEW). ; 2019. doi:10.1109/asew.2019.00019'
apa: Pauck, F., & Zhang, S. (2019). Android App Merging for Benchmark Speed-Up
and Analysis Lift-Up. In 2019 34th IEEE/ACM International Conference on Automated
Software Engineering Workshop (ASEW). https://doi.org/10.1109/asew.2019.00019
bibtex: '@inproceedings{Pauck_Zhang_2019, title={Android App Merging for Benchmark
Speed-Up and Analysis Lift-Up}, DOI={10.1109/asew.2019.00019},
booktitle={2019 34th IEEE/ACM International Conference on Automated Software Engineering
Workshop (ASEW)}, author={Pauck, Felix and Zhang, Shikun}, year={2019} }'
chicago: Pauck, Felix, and Shikun Zhang. “Android App Merging for Benchmark Speed-Up
and Analysis Lift-Up.” In 2019 34th IEEE/ACM International Conference on Automated
Software Engineering Workshop (ASEW), 2019. https://doi.org/10.1109/asew.2019.00019.
ieee: F. Pauck and S. Zhang, “Android App Merging for Benchmark Speed-Up and Analysis
Lift-Up,” in 2019 34th IEEE/ACM International Conference on Automated Software
Engineering Workshop (ASEW), 2019.
mla: Pauck, Felix, and Shikun Zhang. “Android App Merging for Benchmark Speed-Up
and Analysis Lift-Up.” 2019 34th IEEE/ACM International Conference on Automated
Software Engineering Workshop (ASEW), 2019, doi:10.1109/asew.2019.00019.
short: 'F. Pauck, S. Zhang, in: 2019 34th IEEE/ACM International Conference on Automated
Software Engineering Workshop (ASEW), 2019.'
date_created: 2020-02-06T17:06:51Z
date_updated: 2022-01-06T06:52:38Z
ddc:
- '004'
department:
- _id: '77'
doi: 10.1109/asew.2019.00019
file:
- access_level: closed
content_type: application/pdf
creator: fpauck
date_created: 2020-02-06T17:09:45Z
date_updated: 2020-02-06T17:09:45Z
file_id: '15839'
file_name: AMT_final.pdf
file_size: 644517
relation: main_file
file_date_updated: 2020-02-06T17:09:45Z
has_accepted_license: '1'
keyword:
- Program Analysis
- Android App Analysis
- Taint Analysis
- App Merging
- Benchmark
language:
- iso: eng
project:
- _id: '1'
name: SFB 901
- _id: '3'
name: SFB 901 - Project Area B
- _id: '12'
name: SFB 901 - Subproject B4
publication: 2019 34th IEEE/ACM International Conference on Automated Software Engineering
Workshop (ASEW)
publication_identifier:
isbn:
- '9781728141367'
publication_status: published
status: public
title: Android App Merging for Benchmark Speed-Up and Analysis Lift-Up
type: conference
user_id: '477'
year: '2019'
...
---
_id: '10108'
abstract:
- lang: eng
text: "Recent years have seen the development of numerous tools for the analysis
of taint flows in Android apps. Taint analyses aim at detecting data leaks, accidentally
or by purpose programmed into apps. Often, such tools specialize in the treatment
of specific features impeding precise taint analysis (like reflection or inter-app
communication). This multitude of tools, their specific applicability and their
various combination options complicate the selection of a tool (or multiple tools)
when faced with an analysis instance, even for knowledgeable users, and hence
hinders the successful adoption of taint analyses.\r\n\r\nIn this work, we thus
present CoDiDroid, a framework for cooperative Android app analysis. CoDiDroid
(1) allows users to ask questions about flows in apps in varying degrees of detail,
(2) automatically generates subtasks for answering such questions, (3) distributes
tasks onto analysis tools (currently DroidRA, FlowDroid, HornDroid, IC3 and two
novel tools) and (4) at the end merges tool answers on subtasks into an overall
answer. Thereby, users are freed from having to learn about the use and functionality
of all these tools while still being able to leverage their capabilities. Moreover,
we experimentally show that cooperation among tools pays off with respect to effectiveness,
precision and scalability."
author:
- first_name: Felix
full_name: Pauck, Felix
id: '22398'
last_name: Pauck
- first_name: Heike
full_name: Wehrheim, Heike
id: '573'
last_name: Wehrheim
citation:
ama: 'Pauck F, Wehrheim H. Together Strong: Cooperative Android App Analysis. In:
Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering
Conference and Symposium on the Foundations of Software Engineering. ; 2019:374-384.
doi:10.1145/3338906.3338915'
apa: 'Pauck, F., & Wehrheim, H. (2019). Together Strong: Cooperative Android
App Analysis. Proceedings of the 2019 27th ACM Joint Meeting on European Software
Engineering Conference and Symposium on the Foundations of Software Engineering,
374–384. https://doi.org/10.1145/3338906.3338915'
bibtex: '@inproceedings{Pauck_Wehrheim_2019, title={Together Strong: Cooperative
Android App Analysis}, DOI={10.1145/3338906.3338915},
booktitle={Proceedings of the 2019 27th ACM Joint Meeting on European Software
Engineering Conference and Symposium on the Foundations of Software Engineering},
author={Pauck, Felix and Wehrheim, Heike}, year={2019}, pages={374–384} }'
chicago: 'Pauck, Felix, and Heike Wehrheim. “Together Strong: Cooperative Android
App Analysis.” In Proceedings of the 2019 27th ACM Joint Meeting on European
Software Engineering Conference and Symposium on the Foundations of Software Engineering,
374–84, 2019. https://doi.org/10.1145/3338906.3338915.'
ieee: 'F. Pauck and H. Wehrheim, “Together Strong: Cooperative Android App Analysis,”
in Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering
Conference and Symposium on the Foundations of Software Engineering, 2019,
pp. 374–384, doi: 10.1145/3338906.3338915.'
mla: 'Pauck, Felix, and Heike Wehrheim. “Together Strong: Cooperative Android App
Analysis.” Proceedings of the 2019 27th ACM Joint Meeting on European Software
Engineering Conference and Symposium on the Foundations of Software Engineering,
2019, pp. 374–84, doi:10.1145/3338906.3338915.'
short: 'F. Pauck, H. Wehrheim, in: Proceedings of the 2019 27th ACM Joint Meeting
on European Software Engineering Conference and Symposium on the Foundations of
Software Engineering, 2019, pp. 374–384.'
date_created: 2019-06-04T11:15:25Z
date_updated: 2023-01-18T08:32:47Z
ddc:
- '004'
department:
- _id: '77'
doi: 10.1145/3338906.3338915
file:
- access_level: closed
content_type: application/pdf
creator: fpauck
date_created: 2019-08-20T08:47:20Z
date_updated: 2019-08-20T08:47:20Z
file_id: '12947'
file_name: fse19main-id44-p-ef9ce42-41855-final.pdf
file_size: 442603
relation: main_file
file_date_updated: 2019-08-20T08:47:20Z
has_accepted_license: '1'
keyword:
- Android Taint Analysis
- Cooperation
- Precision
- Tools
language:
- iso: eng
page: 374-384
project:
- _id: '1'
name: SFB 901
- _id: '3'
name: SFB 901 - Project Area B
- _id: '12'
name: SFB 901 - Subproject B4
publication: Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering
Conference and Symposium on the Foundations of Software Engineering
publication_identifier:
isbn:
- 978-1-4503-5572-8
publication_status: published
status: public
title: 'Together Strong: Cooperative Android App Analysis'
type: conference
user_id: '22398'
year: '2019'
...
---
_id: '13874'
author:
- first_name: Tobias
full_name: Isenberg, Tobias
last_name: Isenberg
- first_name: Marie-Christine
full_name: Jakobs, Marie-Christine
last_name: Jakobs
- first_name: Felix
full_name: Pauck, Felix
id: '22398'
last_name: Pauck
- first_name: Heike
full_name: Wehrheim, Heike
id: '573'
last_name: Wehrheim
citation:
ama: 'Isenberg T, Jakobs M-C, Pauck F, Wehrheim H. When Are Software Verification
Results Valid for Approximate Hardware? In: Tests and Proofs - 13th International
Conference, {TAP} 2019, Held as Part of the Third World Congress on Formal Methods
2019, Porto, Portugal, October 9-11, 2019, Proceedings. ; 2019:3-20. doi:10.1007/978-3-030-31157-5_1'
apa: Isenberg, T., Jakobs, M.-C., Pauck, F., & Wehrheim, H. (2019). When Are
Software Verification Results Valid for Approximate Hardware? Tests and Proofs
- 13th International Conference, {TAP} 2019, Held as Part of the Third World Congress
on Formal Methods 2019, Porto, Portugal, October 9-11, 2019, Proceedings,
3–20. https://doi.org/10.1007/978-3-030-31157-5_1
bibtex: '@inproceedings{Isenberg_Jakobs_Pauck_Wehrheim_2019, title={When Are Software
Verification Results Valid for Approximate Hardware?}, DOI={10.1007/978-3-030-31157-5_1},
booktitle={Tests and Proofs - 13th International Conference, {TAP} 2019, Held
as Part of the Third World Congress on Formal Methods 2019, Porto, Portugal, October
9-11, 2019, Proceedings}, author={Isenberg, Tobias and Jakobs, Marie-Christine
and Pauck, Felix and Wehrheim, Heike}, year={2019}, pages={3–20} }'
chicago: Isenberg, Tobias, Marie-Christine Jakobs, Felix Pauck, and Heike Wehrheim.
“When Are Software Verification Results Valid for Approximate Hardware?” In Tests
and Proofs - 13th International Conference, {TAP} 2019, Held as Part of the Third
World Congress on Formal Methods 2019, Porto, Portugal, October 9-11, 2019, Proceedings,
3–20, 2019. https://doi.org/10.1007/978-3-030-31157-5_1.
ieee: 'T. Isenberg, M.-C. Jakobs, F. Pauck, and H. Wehrheim, “When Are Software
Verification Results Valid for Approximate Hardware?,” in Tests and Proofs
- 13th International Conference, {TAP} 2019, Held as Part of the Third World Congress
on Formal Methods 2019, Porto, Portugal, October 9-11, 2019, Proceedings,
2019, pp. 3–20, doi: 10.1007/978-3-030-31157-5_1.'
mla: Isenberg, Tobias, et al. “When Are Software Verification Results Valid for
Approximate Hardware?” Tests and Proofs - 13th International Conference, {TAP}
2019, Held as Part of the Third World Congress on Formal Methods 2019, Porto,
Portugal, October 9-11, 2019, Proceedings, 2019, pp. 3–20, doi:10.1007/978-3-030-31157-5_1.
short: 'T. Isenberg, M.-C. Jakobs, F. Pauck, H. Wehrheim, in: Tests and Proofs -
13th International Conference, {TAP} 2019, Held as Part of the Third World Congress
on Formal Methods 2019, Porto, Portugal, October 9-11, 2019, Proceedings, 2019,
pp. 3–20.'
date_created: 2019-10-16T09:40:20Z
date_updated: 2023-01-18T08:41:17Z
department:
- _id: '77'
doi: 10.1007/978-3-030-31157-5_1
language:
- iso: eng
page: 3-20
project:
- _id: '12'
name: SFB 901 - Subproject B4
- _id: '3'
name: SFB 901 - Project Area B
- _id: '1'
name: SFB 901
publication: Tests and Proofs - 13th International Conference, {TAP} 2019, Held as
Part of the Third World Congress on Formal Methods 2019, Porto, Portugal, October
9-11, 2019, Proceedings
publication_status: published
status: public
title: When Are Software Verification Results Valid for Approximate Hardware?
type: conference
user_id: '22398'
year: '2019'
...
---
_id: '2711'
abstract:
- lang: eng
text: "In recent years, researchers have developed a number of tools to conduct\r\ntaint
analysis of Android applications. While all the respective papers aim at\r\nproviding
a thorough empirical evaluation, comparability is hindered by varying\r\nor unclear
evaluation targets. Sometimes, the apps used for evaluation are not\r\nprecisely
described. In other cases, authors use an established benchmark but\r\ncover it
only partially. In yet other cases, the evaluations differ in terms of\r\nthe
data leaks searched for, or lack a ground truth to compare against. All\r\nthose
limitations make it impossible to truly compare the tools based on those\r\npublished
evaluations.\r\n We thus present ReproDroid, a framework allowing the accurate
comparison of\r\nAndroid taint analysis tools. ReproDroid supports researchers
in inferring the\r\nground truth for data leaks in apps, in automatically applying
tools to\r\nbenchmarks, and in evaluating the obtained results. We use ReproDroid
to\r\ncomparatively evaluate on equal grounds the six prominent taint analysis
tools\r\nAmandroid, DIALDroid, DidFail, DroidSafe, FlowDroid and IccTA. The results
are\r\nlargely positive although four tools violate some promises concerning features\r\nand
accuracy. Finally, we contribute to the area of unbiased benchmarking with\r\na
new and improved version of the open test suite DroidBench."
author:
- first_name: Felix
full_name: Pauck, Felix
id: '22398'
last_name: Pauck
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
- first_name: Heike
full_name: Wehrheim, Heike
id: '573'
last_name: Wehrheim
citation:
ama: Pauck F, Bodden E, Wehrheim H. Do Android Taint Analysis Tools Keep their Promises?
arXiv:180402903. 2018.
apa: Pauck, F., Bodden, E., & Wehrheim, H. (2018). Do Android Taint Analysis
Tools Keep their Promises? ArXiv:1804.02903.
bibtex: '@article{Pauck_Bodden_Wehrheim_2018, title={Do Android Taint Analysis Tools
Keep their Promises?}, journal={arXiv:1804.02903}, author={Pauck, Felix and Bodden,
Eric and Wehrheim, Heike}, year={2018} }'
chicago: Pauck, Felix, Eric Bodden, and Heike Wehrheim. “Do Android Taint Analysis
Tools Keep Their Promises?” ArXiv:1804.02903, 2018.
ieee: F. Pauck, E. Bodden, and H. Wehrheim, “Do Android Taint Analysis Tools Keep
their Promises?,” arXiv:1804.02903. 2018.
mla: Pauck, Felix, et al. “Do Android Taint Analysis Tools Keep Their Promises?”
ArXiv:1804.02903, 2018.
short: F. Pauck, E. Bodden, H. Wehrheim, ArXiv:1804.02903 (2018).
date_created: 2018-05-09T08:27:11Z
date_updated: 2022-01-06T06:57:35Z
ddc:
- '000'
department:
- _id: '77'
- _id: '76'
file:
- access_level: closed
content_type: application/pdf
creator: florida
date_created: 2018-11-21T10:49:23Z
date_updated: 2018-11-21T10:49:23Z
file_id: '5781'
file_name: Do Android Taint Analysis Tools Keep their Promises.pdf
file_size: 1045861
relation: main_file
success: 1
file_date_updated: 2018-11-21T10:49:23Z
has_accepted_license: '1'
language:
- iso: eng
project:
- _id: '1'
name: SFB 901
- _id: '3'
name: SFB 901 - Project Area B
- _id: '12'
name: SFB 901 - Subproject B4
publication: arXiv:1804.02903
status: public
title: Do Android Taint Analysis Tools Keep their Promises?
type: preprint
user_id: '477'
year: '2018'
...
---
_id: '4999'
author:
- first_name: Felix
full_name: Pauck, Felix
id: '22398'
last_name: Pauck
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
- first_name: Heike
full_name: Wehrheim, Heike
id: '573'
last_name: Wehrheim
citation:
ama: 'Pauck F, Bodden E, Wehrheim H. Do Android taint analysis tools keep their
promises? In: Proceedings of the 2018 26th ACM Joint Meeting on European Software
Engineering Conference and Symposium on the Foundations of Software Engineering
- ESEC/FSE 2018. ACM Press; 2018. doi:10.1145/3236024.3236029'
apa: Pauck, F., Bodden, E., & Wehrheim, H. (2018). Do Android taint analysis
tools keep their promises? In Proceedings of the 2018 26th ACM Joint Meeting
on European Software Engineering Conference and Symposium on the Foundations of
Software Engineering - ESEC/FSE 2018. ACM Press. https://doi.org/10.1145/3236024.3236029
bibtex: '@inproceedings{Pauck_Bodden_Wehrheim_2018, title={Do Android taint analysis
tools keep their promises?}, DOI={10.1145/3236024.3236029},
booktitle={Proceedings of the 2018 26th ACM Joint Meeting on European Software
Engineering Conference and Symposium on the Foundations of Software Engineering
- ESEC/FSE 2018}, publisher={ACM Press}, author={Pauck, Felix and Bodden, Eric
and Wehrheim, Heike}, year={2018} }'
chicago: Pauck, Felix, Eric Bodden, and Heike Wehrheim. “Do Android Taint Analysis
Tools Keep Their Promises?” In Proceedings of the 2018 26th ACM Joint Meeting
on European Software Engineering Conference and Symposium on the Foundations of
Software Engineering - ESEC/FSE 2018. ACM Press, 2018. https://doi.org/10.1145/3236024.3236029.
ieee: F. Pauck, E. Bodden, and H. Wehrheim, “Do Android taint analysis tools keep
their promises?,” in Proceedings of the 2018 26th ACM Joint Meeting on European
Software Engineering Conference and Symposium on the Foundations of Software Engineering
- ESEC/FSE 2018, 2018.
mla: Pauck, Felix, et al. “Do Android Taint Analysis Tools Keep Their Promises?”
Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering
Conference and Symposium on the Foundations of Software Engineering - ESEC/FSE
2018, ACM Press, 2018, doi:10.1145/3236024.3236029.
short: 'F. Pauck, E. Bodden, H. Wehrheim, in: Proceedings of the 2018 26th ACM Joint
Meeting on European Software Engineering Conference and Symposium on the Foundations
of Software Engineering - ESEC/FSE 2018, ACM Press, 2018.'
date_created: 2018-10-30T08:03:17Z
date_updated: 2022-01-06T07:01:34Z
ddc:
- '004'
department:
- _id: '77'
- _id: '76'
doi: 10.1145/3236024.3236029
file:
- access_level: closed
content_type: application/pdf
creator: ups
date_created: 2018-11-02T13:37:38Z
date_updated: 2018-11-02T13:37:38Z
file_id: '5251'
file_name: fse18main-id76-p.pdf
file_size: 524169
relation: main_file
success: 1
file_date_updated: 2018-11-02T13:37:38Z
has_accepted_license: '1'
language:
- iso: eng
project:
- _id: '3'
name: SFB 901 - Project Area B
- _id: '12'
name: SFB 901 - Subproject B4
- _id: '1'
name: SFB 901
publication: Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering
Conference and Symposium on the Foundations of Software Engineering - ESEC/FSE
2018
publication_identifier:
isbn:
- '9781450355735'
publication_status: published
publisher: ACM Press
status: public
title: Do Android taint analysis tools keep their promises?
type: conference
user_id: '477'
year: '2018'
...
---
_id: '1043'
abstract:
- lang: eng
text: 'Approximate computing (AC) is an emerging paradigm for energy-efficient computation.
The basic idea of AC is to sacrifice high precision for low energy by allowing
hardware to carry out “approximately correct” calculations. This provides a major
challenge for software quality assurance: programs successfully verified to be
correct might be erroneous on approximate hardware. In this letter, we present
a novel approach for determining under what conditions a software verification
result is valid for approximate hardware. To this end, we compute the allowed
tolerances for AC hardware from successful verification runs. More precisely,
we derive a set of constraints which—when met by the AC hardware—guarantees the
verification result to carry over to AC. On the practical side, we furthermore:
1) show how to extract tolerances from verification runs employing predicate abstraction
as verification technology and 2) show how to check such constraints on hardware
designs. We have implemented all techniques, and exemplify them on example C programs
and a number of recently proposed approximate adders.'
author:
- first_name: Tobias
full_name: Isenberg, Tobias
last_name: Isenberg
- first_name: Marie-Christine
full_name: Jakobs, Marie-Christine
last_name: Jakobs
- first_name: Felix
full_name: Pauck, Felix
id: '22398'
last_name: Pauck
- first_name: Heike
full_name: Wehrheim, Heike
id: '573'
last_name: Wehrheim
citation:
ama: Isenberg T, Jakobs M-C, Pauck F, Wehrheim H. Validity of Software Verification
Results on Approximate Hardware. IEEE Embedded Systems Letters. 2018:22-25.
doi:10.1109/LES.2017.2758200
apa: Isenberg, T., Jakobs, M.-C., Pauck, F., & Wehrheim, H. (2018). Validity
of Software Verification Results on Approximate Hardware. IEEE Embedded Systems
Letters, 22–25. https://doi.org/10.1109/LES.2017.2758200
bibtex: '@article{Isenberg_Jakobs_Pauck_Wehrheim_2018, title={Validity of Software
Verification Results on Approximate Hardware}, DOI={10.1109/LES.2017.2758200},
journal={IEEE Embedded Systems Letters}, publisher={Institute of Electrical and
Electronics Engineers (IEEE)}, author={Isenberg, Tobias and Jakobs, Marie-Christine
and Pauck, Felix and Wehrheim, Heike}, year={2018}, pages={22–25} }'
chicago: Isenberg, Tobias, Marie-Christine Jakobs, Felix Pauck, and Heike Wehrheim.
“Validity of Software Verification Results on Approximate Hardware.” IEEE Embedded
Systems Letters, 2018, 22–25. https://doi.org/10.1109/LES.2017.2758200.
ieee: T. Isenberg, M.-C. Jakobs, F. Pauck, and H. Wehrheim, “Validity of Software
Verification Results on Approximate Hardware,” IEEE Embedded Systems Letters,
pp. 22–25, 2018.
mla: Isenberg, Tobias, et al. “Validity of Software Verification Results on Approximate
Hardware.” IEEE Embedded Systems Letters, Institute of Electrical and Electronics
Engineers (IEEE), 2018, pp. 22–25, doi:10.1109/LES.2017.2758200.
short: T. Isenberg, M.-C. Jakobs, F. Pauck, H. Wehrheim, IEEE Embedded Systems Letters
(2018) 22–25.
date_created: 2017-12-11T16:11:00Z
date_updated: 2022-01-06T06:50:39Z
ddc:
- '000'
department:
- _id: '77'
doi: 10.1109/LES.2017.2758200
file:
- access_level: closed
content_type: application/pdf
creator: ups
date_created: 2018-11-02T15:27:04Z
date_updated: 2018-11-02T15:27:04Z
file_id: '5303'
file_name: 08053741.pdf
file_size: 523362
relation: main_file
success: 1
file_date_updated: 2018-11-02T15:27:04Z
has_accepted_license: '1'
language:
- iso: eng
page: 22-25
project:
- _id: '1'
name: SFB 901
- _id: '3'
name: SFB 901 - Project Area B
- _id: '12'
name: SFB 901 - Subproject B4
publication: IEEE Embedded Systems Letters
publication_identifier:
issn:
- 1943-0663
- 1943-0671
publication_status: published
publisher: Institute of Electrical and Electronics Engineers (IEEE)
status: public
title: Validity of Software Verification Results on Approximate Hardware
type: journal_article
user_id: '477'
year: '2018'
...
---
_id: '109'
author:
- first_name: Felix
full_name: Pauck, Felix
id: '22398'
last_name: Pauck
citation:
ama: Pauck F. Cooperative Static Analysis of Android Applications. Universität
Paderborn; 2017.
apa: Pauck, F. (2017). Cooperative static analysis of Android applications.
Universität Paderborn.
bibtex: '@book{Pauck_2017, title={Cooperative static analysis of Android applications},
publisher={Universität Paderborn}, author={Pauck, Felix}, year={2017} }'
chicago: Pauck, Felix. Cooperative Static Analysis of Android Applications.
Universität Paderborn, 2017.
ieee: F. Pauck, Cooperative static analysis of Android applications. Universität
Paderborn, 2017.
mla: Pauck, Felix. Cooperative Static Analysis of Android Applications. Universität
Paderborn, 2017.
short: F. Pauck, Cooperative Static Analysis of Android Applications, Universität
Paderborn, 2017.
date_created: 2017-10-17T12:41:12Z
date_updated: 2022-01-06T06:50:52Z
ddc:
- '000'
department:
- _id: '77'
file:
- access_level: open_access
content_type: application/pdf
creator: fpauck
date_created: 2019-08-07T08:55:58Z
date_updated: 2019-08-07T09:03:48Z
file_id: '12905'
file_name: fpauck_2017.pdf
file_size: 5093611
relation: main_file
title: Master's Thesis
file_date_updated: 2019-08-07T09:03:48Z
has_accepted_license: '1'
language:
- iso: eng
oa: '1'
project:
- _id: '1'
name: SFB 901
- _id: '12'
name: SFB 901 - Subprojekt B4
- _id: '3'
name: SFB 901 - Project Area B
publisher: Universität Paderborn
status: public
supervisor:
- first_name: Heike
full_name: Wehrheim, Heike
id: '573'
last_name: Wehrheim
title: Cooperative static analysis of Android applications
type: mastersthesis
user_id: '22398'
year: '2017'
...
---
_id: '170'
abstract:
- lang: eng
text: We present PAndA2, an extendable, static analysis tool for Android apps which examines permission related
security threats like overprivilege, existence of permission redelegation and
permission flows. PAndA2 comes along with a textual and graphical visualization
of the analysis result and even supports the comparison of analysis results for
different android app versions.
author:
- first_name: Marie-Christine
full_name: Jakobs, Marie-Christine
last_name: Jakobs
- first_name: Manuel
full_name: Töws, Manuel
id: '11315'
last_name: Töws
- first_name: Felix
full_name: Pauck, Felix
id: '22398'
last_name: Pauck
citation:
ama: 'Jakobs M-C, Töws M, Pauck F. PAndA 2 : Analyzing Permission Use and Interplay
in Android Apps (Tool Paper). In: Ishikawa F, Romanovsky A TE, ed. Workshop
on Formal and Model-Driven Techniques for Developing Trustworthy Systems.
School of Computing Science Technical Report Series. ; 2016.'
apa: 'Jakobs, M.-C., Töws, M., & Pauck, F. (2016). PAndA 2 : Analyzing Permission
Use and Interplay in Android Apps (Tool Paper). In T. E. Ishikawa F, Romanovsky
A (Ed.), Workshop on Formal and Model-Driven Techniques for Developing Trustworthy
Systems.'
bibtex: '@inproceedings{Jakobs_Töws_Pauck_2016, series={School of Computing Science
Technical Report Series}, title={PAndA 2 : Analyzing Permission Use and Interplay
in Android Apps (Tool Paper)}, booktitle={Workshop on Formal and Model-Driven
Techniques for Developing Trustworthy Systems}, author={Jakobs, Marie-Christine
and Töws, Manuel and Pauck, Felix}, editor={Ishikawa F, Romanovsky A, Troubitsyna
EEditor}, year={2016}, collection={School of Computing Science Technical Report
Series} }'
chicago: 'Jakobs, Marie-Christine, Manuel Töws, and Felix Pauck. “PAndA 2 : Analyzing
Permission Use and Interplay in Android Apps (Tool Paper).” In Workshop on
Formal and Model-Driven Techniques for Developing Trustworthy Systems, edited
by Troubitsyna E Ishikawa F, Romanovsky A. School of Computing Science Technical
Report Series, 2016.'
ieee: 'M.-C. Jakobs, M. Töws, and F. Pauck, “PAndA 2 : Analyzing Permission Use
and Interplay in Android Apps (Tool Paper),” in Workshop on Formal and Model-Driven
Techniques for Developing Trustworthy Systems, 2016.'
mla: 'Jakobs, Marie-Christine, et al. “PAndA 2 : Analyzing Permission Use and Interplay
in Android Apps (Tool Paper).” Workshop on Formal and Model-Driven Techniques
for Developing Trustworthy Systems, edited by Troubitsyna E Ishikawa F, Romanovsky
A, 2016.'
short: 'M.-C. Jakobs, M. Töws, F. Pauck, in: T.E. Ishikawa F, Romanovsky A (Ed.),
Workshop on Formal and Model-Driven Techniques for Developing Trustworthy Systems,
2016.'
date_created: 2017-10-17T12:41:25Z
date_updated: 2022-01-06T06:53:01Z
ddc:
- '040'
department:
- _id: '77'
editor:
- first_name: Troubitsyna E
full_name: Ishikawa F, Romanovsky A, Troubitsyna E
last_name: Ishikawa F, Romanovsky A
file:
- access_level: closed
content_type: application/pdf
creator: florida
date_created: 2018-03-21T12:40:27Z
date_updated: 2018-03-21T12:40:27Z
file_id: '1539'
file_name: 170-main_04.pdf
file_size: 285299
relation: main_file
success: 1
file_date_updated: 2018-03-21T12:40:27Z
has_accepted_license: '1'
project:
- _id: '1'
name: SFB 901
- _id: '12'
name: SFB 901 - Subprojekt B4
- _id: '3'
name: SFB 901 - Project Area B
publication: Workshop on Formal and Model-Driven Techniques for Developing Trustworthy
Systems
related_material:
link:
- relation: contains
url: https://pdfs.semanticscholar.org/58cd/94c8b2335d16aa2558f711cf81b3f7746696.pdf
series_title: School of Computing Science Technical Report Series
status: public
title: 'PAndA 2 : Analyzing Permission Use and Interplay in Android Apps (Tool Paper)'
type: conference
user_id: '15504'
year: '2016'
...
---
_id: '418'
author:
- first_name: Felix
full_name: Pauck, Felix
id: '22398'
last_name: Pauck
citation:
ama: Pauck F. Generierung von Eigenschaftsprüfern in einem Hardware/Software-Co-Verifikationsverfahren.
Universität Paderborn; 2014.
apa: Pauck, F. (2014). Generierung von Eigenschaftsprüfern in einem Hardware/Software-Co-Verifikationsverfahren.
Universität Paderborn.
bibtex: '@book{Pauck_2014, title={Generierung von Eigenschaftsprüfern in einem Hardware/Software-Co-Verifikationsverfahren},
publisher={Universität Paderborn}, author={Pauck, Felix}, year={2014} }'
chicago: Pauck, Felix. Generierung von Eigenschaftsprüfern in einem Hardware/Software-Co-Verifikationsverfahren.
Universität Paderborn, 2014.
ieee: F. Pauck, Generierung von Eigenschaftsprüfern in einem Hardware/Software-Co-Verifikationsverfahren.
Universität Paderborn, 2014.
mla: Pauck, Felix. Generierung von Eigenschaftsprüfern in einem Hardware/Software-Co-Verifikationsverfahren.
Universität Paderborn, 2014.
short: F. Pauck, Generierung von Eigenschaftsprüfern in einem Hardware/Software-Co-Verifikationsverfahren,
Universität Paderborn, 2014.
date_created: 2017-10-17T12:42:13Z
date_updated: 2022-01-06T07:00:30Z
ddc:
- '000'
department:
- _id: '77'
file:
- access_level: open_access
content_type: application/pdf
creator: fpauck
date_created: 2019-08-07T09:00:20Z
date_updated: 2019-08-07T09:05:38Z
file_id: '12906'
file_name: fpauck_2014.pdf
file_size: 3191756
relation: main_file
title: Bachelorarbeit
file_date_updated: 2019-08-07T09:05:38Z
has_accepted_license: '1'
language:
- iso: ger
oa: '1'
project:
- _id: '1'
name: SFB 901
- _id: '12'
name: SFB 901 - Subprojekt B4
- _id: '3'
name: SFB 901 - Project Area B
publisher: Universität Paderborn
status: public
supervisor:
- first_name: Heike
full_name: Wehrheim, Heike
id: '573'
last_name: Wehrheim
title: Generierung von Eigenschaftsprüfern in einem Hardware/Software-Co-Verifikationsverfahren
type: bachelorsthesis
user_id: '22398'
year: '2014'
...